The need for secure communications is well known. However, techniques for providing secure communications are constantly being developed in conjunction with advances in communications technology. Security can be achieved in Internet Protocol (“IP”) networks with encryption protocols such as IPSec, SIP TLS and SRTP. The security provided by these encryption protocols is generally more complete when implemented end-to-end, i.e., from host to host. However, intermediate network devices such as firewalls operate by examining packets to detect and filter communications which are hostile, unauthorized, or otherwise undesirable. This presents a problem because it is impractical for the intermediate devices to examine encrypted packets. It is known to manually configure pinholes in the intermediate network devices to allow encrypted packets to traverse the devices without being decrypted, but manual configuration is relatively slow and prone to error. There is therefore a need for a better solution to the problem. Further, there is now more urgency for a suitable solution because the IPv6 standard requires support for IPSec and allows for transport mode usage for end to end encryption. Moreover, many applications including multimedia communications have introduced their own signaling and media encryption (such as SRTP, SIP-TLS) which will also pose a problem for intermediate devices tasked with interrogating the payload and applying policies to the content.